Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Cartoondog
New Contributor

Created on ‎05-12-2024 06:54 PM

Help Im in Fortiswitch hell. FAP will not communicate with FG-60 via forti-link

Hello all,

I am puzzled or lack the core concepts of fort-link implementation.  My specific problem is that the FAP E connected to any remote switch cannot communicate with the router.  All FAPs are in bridge mode so that they can be serviced by the DHCP on the routers hardware switch.  Unfortunately FAP-E could not be wired directly to the router or this point would be somewhat moot.

 

All the switches are connected via fortilink.  No additional VLANs/Trunks have been implemented. I feel that the answer is some sort of VLAN soft switch arrangement or possibly adding a non-fortilink trunk to each switch.  I really don't know or understand  

 

Below is a picture of a network setup.  This network needs wireless access for clients and Sonos speakers as well as wired clients/speakers/cameras.  Sonos adds complexity because by design it does not expect anything other than a flat network (there seem to be ways around this).

 

Thanks for any help you can give!

Network.JPG

179
0 Kudos
2 REPLIES 2
Toshi_Esumi
SuperUser
SuperUser

Created on ‎05-12-2024 08:53 PM

The base concept for Fortilink-managed FortiSwitches(FWSs) is all VLANs on the FSWs need to be confitured ON the FortiLink. Even if you created the same VLAN subinterfaces (same VLAN IDs) on both the hard-switch and FortiLink sides, they're separated and not on the same broadcast domain. 
If you want to use the same DHCP servers on both sides, you need to put them togather in soft-switches then set the IPs there.

Toshi

150
ebilcari
Staff
Staff

Created on ‎05-13-2024 05:43 AM Edited on ‎05-13-2024 05:45 AM

Are you saying that you have trouble adding FAP E to be managed by the FGT? If this the case you just need to use/create a VLAN, enable DHCP and enable Security Fabric Connection. Set this VLAN as "Native VLAN" on the switchport where this AP is connected. FAP will be auto discovered by FGT.

AP-mgmt.PNG

If you want to span the same VLAN for user traffic from the FortiLink to the FGT interfaces where the APs are connected you will need to create a Software switch.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
105
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.